
Inside Security (Feb 12th, 2018)

David’s Take

Cryptomining malware continues to crop up in unexpected places, including the Triton virus infecting SCADA control systems last December in Saudi Arabia, and more recently at a European municipal water utility and at the central Russian nuclear control facility in Sarov. The latter location is interesting because the staffers had the rather bright idea to find an Ethernet card and connect their resident supercomputer to the Internet for the mining operations, which was promptly discovered (the machine is supposed to remain offline). And Coinhive cryptominers have infected more than five thousand government websites in the US, UK and Australia through BrowseAloud, a plug-in that helps visually impaired people visit websites.

If you are looking for a great spy novel that has some very realistic IT schemes and scenes, I would highly recommend TL Williams’ Zero Day: China's Cyber Wars. The book’s realism meant it took two years for the CIA to clear it (Williams was a former CIA operations officer), and he claims he had very little cybersecurity knowledge before starting to write it.

-- David Strom, editor of Inside Security


Funding and merger news of the week

SAM, a Tel Aviv, Israel-based home network cyber defense company, has raised $3.5M in seed funding led by Blumberg Capital. Its CEO is Sivan Rauscher.


Infocyte closed a $5.2M B funding round, led by Toba Capital. The company sells threat hunting tools and Chris Gerritz is their founder and chief product officer.


RSE Ventures has acquired global cybersecurity company Oxford Solutions for approximately $30M. The parent will henceforth be called Skout Secure Intelligence and its CEO is Aidan Kehoe. They're based in metro NYC.


Attacks

Researchers have been tracking malicious spam pushing the Hancitor malware, a macro-based campaign spread through Office documents that usually results in delivering a banking Trojan. It is usually detected by Windows 10 Defender, but not on earlier versions of Windows. This post describes how it actually makes money. – UNIT 42 (Palo Alto Networks)


Organizers have confirmed that a cyberattack took place as the Olympics opening ceremony happened last week. The report was slim on details, and no data leaks occurred. The main website was taken offline, users weren’t able to print tickets for about 12 hours, and one stadium’s wireless networks went offline. The organizers didn’t reveal the source of the attack, but Cisco/Talos has analyzed the samples and claimed the attackers were just trying to disrupt the Games. – THE GUARDIAN


Reports

A new Ponemon survey of 1200 IT professionals found that the majority of them aren’t satisfied with cyber threat sharing tools, citing their timeliness, their accuracy and the poor quality of actionable information. Some of this has to do with a johnny-come-lately realization that threat intel could have been used to prevent a previous attack.


If you haven’t been paying much attention to all the hubbub about GDPR because you don’t have any EU business, you aren’t alone. David Froud, to his chagrin, had similar thoughts until he realized that he needed to review the regs and understand that a US citizen on holiday in the UK and ordering something online could be subject to the regs, as is a UK citizen on holiday in the States. Never assume! – FROUD ON FRAUD


This article talks about how CIOs will need to unify their teams of physical security and IT security if they want to be successful. There are several ways to bridge the two, such as determining ahead of time a joint vision and strategy, better communication between the teams, and understanding what each team’s goals and responsibilities are. – HELP NET SECURITY


My colleague and podcasting partner Paul Gillin has written a piece about voice recognition programs. Thanks to encryption and tunneling, voice-activated devices are believed to be reasonably secure against compromise at the software level, but what about the commands they accept? Recent research has shown that voice recognition itself can be compromised with unsettling ease. – SECURITY INTELLIGENCE (IBM)


Beginner’s corner

The world’s most popular and longest-living web exploit remains SQL injection, and here is a very solid tutorial on how it is done. It is all a matter of how you place your quotation marks in the URL. Worth reviewing, even for your clueless manager who may think you are protected. And you can read a report about SQLi that I wrote more than a decade ago that is still mostly relevant (if I say so myself). – ACUNETIX BLOG


Looking to catch up on your reading, or find primers and other explainers for basic blockchain and bitcoin tech? Try this reading list from Andreessen Horowitz.


If you are trying to learn something more than just a few basic SSH tunneling commands, start with this tutorial that will show you how to forward packets from a remote TCP port and other useful command-line options. – TAOS  


The Docket

Officers from Ukraine's Cyber Police Department arrested a suspect last week for attempting to sell customer data belonging to his former employer. The suspect tried to sell nearly 100 GB of data he obtained from a financial company that offered loan services to Ukrainian citizens. – BLEEPING COMPUTER


Just for fun

A groan from Facebook.

